| Table of Contents |
|---|
...
| Reference_description_with_linked_URLs_______________________ | Notes______________________________________________________________ | |
|---|---|---|
| https://drive.google.com/file/d/0BxqKQGV-b4WQYXVyOXphQ3NQT 1E/view?usp=sharing | Security Mgt notes gdoc link | Security Mgt notes docgdoc |
| https://drive.google.com/file/d/1Wtl4H5W9a-OIEkhMJVhkYhfWkbj yHg3r/view?usp=sharing | CISSP Certification Guide - 2012 | |
| https://drive.google.com/file/d/1fRsdf4X0TbJRGu0a7J9uVENeAM6 aZr6x/view?usp=sharing | CISSP Guide Book | |
https://reciprocitylabs.com/the-ultimate-guide-to-soc-2/ soc2-concepts-reciprocitylabs.com-The Ultimate Guide to SOC 2.pdf | SOC 2 Standard concepts | |
https://drive.google.com/file/d/1N7y0ztKHtVjUfdA-ouwgL | SOC 2 Compliance Basics | |
...
VPNs improve wifi security
Many of these mobile workers use public Wi-Fi to access corporate data, and more than one-third never use a VPN to protect their data even though two-thirds are concerned about public Wi-Fi security, according to a survey by iPass. VPN remains a viable option for securing data transferred over public Wi-Fi.
VPN risks
Are VPNs safe? Admittedly, there are security risks associated with VPNs. These include VPN hijacking, in which an unauthorized user takes over a VPN connection from a remote client; man-in-the-middle attacks, in which the attacker is able to intercept data; weak user authentication; split tunneling, in which a user is accessing an insecure Internet connection while also accessing the VPN connection to a private network; malware infection of a client machine; granting too many network access rights; and DNS leak, in which the computer uses its default DNS connection rather than the VPN’s secure DNS server.
...
Crowdstrike lessons 2024 - Impacts and lessons on Perfected Trust
see gdoc details here on crowdstrke
https://www.forbes.com/sites/ariannajohnson/2024/07/19/crowdstrike-update-heres-what-you-should-do/
...
6 sigma quality for SMPE - Service Management Policy Effectiveness for prevention, remediation of service quality problems
6 sigma - a process being 99.9997% defect-free
Six Sigma is a set of tools and methodologies that businesses use to improve processes by reducing defects and errors, minimizing variation, and increasing quality and efficiency. The goal is to achieve a level of quality that is nearly perfect, with only 3.4 defects per million opportunities (DPMO), which is considered a "six sigma" level. This level of performance equates to a process being 99.9997% defect-free
https://www.simplilearn.com/what-is-six-sigma-a-complete-overview-article
Aggregated service quality calculations
Assume a primary service has up to 50 dependent services it invokes processing all it's apis in the contract
Every individual service is rated very high quality ( eg .999 reliability )
The aggregated quality shows the consolidated impact of 50 services that all have that quality rating
| aggregate quality | service quality | service count |
| 0.7783125571 | 0.995 | 50 |
| 0.9512056282 | 0.999 | 50 |
| 0.952157786 | 0.999 | 49 |
| 0.9426362081 | 0.99 | 1 |
the aggregated quality of consolidated services is very low
key points
- aggregated service quality is below each individual service quality
- how do we measure the service quality of each individual service
Candidate Solutions
Open-source security Tools
...